A network Google calls 'Outsider Enterprise' sold an $88 a week phishing kit that used Google's Gemini AI to build scam sites and stored them on Google Drive and Google Cloud, according to a new civil complaint filed Friday.
On Friday, Google sued a network it accuses of running a turnkey phishing business on Google's own AI. The civil complaint, filed in U.S. federal court, names a group the company calls "Outsider Enterprise" and describes a "phishing-as-a-service" operation priced at $88 a week or $200 a month. According to the filing, the kit's site generator is built in part on Google's Gemini, the same model Google uses to detect the resulting scams.
TechCrunch first reported the lawsuit and the FBI's parallel seizure. The complaint, filed on DocumentCloud, names trademark impersonation, copyright infringement, racketeering, wire fraud, and false advertising as causes of action. The strongest independent numbers come from the FBI and Lumen's Black Lotus Labs, which coordinated the takedown. An FBI spokesperson told TechCrunch the seized platform had been used to monetize about 3.87 million stolen credit cards and roughly $1.9 billion in losses since July 2023.
The numbers Google attributes to the network are larger and largely self-reported. Between November 14, 2025 and April 14, 2026, Google says it detected 1.59 million URLs tied to the operation, and that the group ran roughly 9,000 phishing sites, registered 1 million fraudulent web domains, and sent 2.5 million scam texts to Android users in a single two-week stretch in May. More than 55,000 of those texts were flagged by Android users, the company said, a complaint rate it described as "more than two per minute." At least 36,000 payment cards from 95 countries were stolen, according to Google's blog post on the case.
The structural story is what a phishing kit looks like once generative AI stops being an accelerant and becomes the production line. The Outsider kit, as Google describes it, includes an AI-assisted builder that generates phishing pages and crafts lures. Pages and supporting files sit on Google Drive and Google Cloud, the complaint alleges, using Google's storage and compute the same way a legitimate small business would. The operator's customers, the people who actually run the scams, do not need to know how to code. They pay a subscription and get a full-stack identity-theft business.
That is the contradiction at the heart of the case. Google operates one of the largest AI-driven anti-scam operations in the world. The company says it now blocks more than 10 billion scam messages a month and works with AT&T, T-Mobile, and Verizon to flag SMS lures. The plaintiffs in this case, drawn from Google's Trust and Safety and Threat Analysis Group teams, are running the defense. The defendants, as Google tells it, are running a parallel operation on top of the same rails, with Gemini as a co-author and Google Cloud as a host.
Google is not the only platform caught in that loop. The complaint describes coordination on Telegram channels, test accounts on Shopify, and infrastructure stitched together from commercial services: smartphone banks, SIM cards, modems, and the usual mix of registrar and CDN abuse. What is new is how thin the operator's footprint has to be. The SaaS model means the people running the kit do not have to phish anyone themselves. They need paying customers, who do not need to know how to phish either.
The lawsuit seeks compensatory and punitive damages along with an injunction. The "Outsider Enterprise" name and the "Chinese" attribution in the public-facing complaint are Google's allegations, not a court finding. Google says the real-world identities behind the operation are still unknown and refers to the group as "foreign-based."
A few things to watch as the case moves. The first is whether other plaintiffs, including payment networks, banks, or the cloud-storage and telecom providers named as conduits, follow Google into court, or whether the FBI seizure is followed by criminal indictments. The second is whether Google can use the complaint to set a precedent for treating AI-tool abuse as a distinct civil claim, separate from the underlying phishing. The third, and the one that matters most for the rest of the industry, is whether a SaaS-style phishing kit built on a major lab's models can survive contact with the same lab's safety team. The complaint is Google's argument that the answer, so far, is no.